Yahoo Hacked - Any Surprises?

When you don't control all content that flows onto a site, there is always the potential risk that malicious malware could be sneaking in. That's what happened to Internet giant Yahoo over the weekend as malicious ads were able to infect unsuspecting users. Frankly, I'm not surprised.

Ad platforms have been the subject of much security research and attacks over the years. The basic technology that most ad platforms (including Yahoo) use to insert themselves onto Web pages is the HTML iFrame tag. The iFrame enables embedded content and code on a given page, and I have always considered its use a security risk.

In the Yahoo exploit, security firm Fox-IT reported that the malicious ads were combined with common exploit kits. Yahoo could have—and likely should have—known better as advertising-based attacks are nothing new.

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.